Information System Security Officer (ISSO)

Who we are:

Raft (https://TeamRaft.com) is a customer-obsessed non-traditional small business with a purposeful focus on Distributed Data Systems, Platforms at Scale, and Complex Application Development, with headquarters in McLean, VA. Our range of clients includes innovative federal and public agencies leveraging design thinking, cutting-edge tech stack, and cloud-native ecosystem. We build digital solutions that impact the lives of millions of Americans.

About the role:

As an Information System Security Officer (ISSO), you will expertly manage the security aspects of our cutting-edge platforms and systems designed for our esteemed clients. The ISSO will play an instrumental role in generating and maintaining the necessary artifacts to achieve and sustain Authority to Operate (ATO) while working in close collaboration with our development team. This collaboration ensures the seamless integration of security controls early in the development lifecycle. You will audit and monitor all of the platforms & tooling across the customer environment. This role requires a deep understanding of cybersecurity principles, federal compliance requirements, and a passion for safeguarding national security infrastructure.

What we are looking for:
* Minimum of 4 years' experience in ISSM/O roles
* Proven experience in obtaining and maintaining ATO for classified government cloud systems, adhering to DoD policies such as Risk Management Framework (RMF), NIST 800-53 Rev 4 and 5, NIST 800-37, NIST 800-60 and more
* Skilled in crafting eMASS packages and implementing DISA STIGs
* Proficient in conducting risk assessments, audits, and compliance monitoring within DoD environments
* Demonstrated proficiency in managing and creating Body of Evidence (BOE) artifacts, including POA&Ms, SSPs, RARs, Vulnerability Assessments, Security Assessment Plans, etc.
* Understanding of and experience with SIEM tools such as Splunk, Grafana, or ELK
* Proficient in conducting continuous monitoring activities such as auditing, configuration reviews, policy & procedure reviews, etc.
* Demonstrated experience managing compliance activities for both on-prem & cloud-based (AWS) systems & networks
* Track record of leading programs/projects in attaining ATO
* Experience conducting internal self-assessments and audits with external assessors
* In-depth understanding of Network Rules, Platforms, and Application development
* Familiarity with cloud-native, scalable services
* Experience with common cybersecurity tools and technologies such as vulnerability & compliance scanners, anti-malware, code analyzers, IDS/IPS, DLP, SBOM, etc.
* Experience building and maintaining Standard Operating Procedures
* Obtain Security+ or other DoD 8570 IAT Level II or higher certification within 6 months of employment with Raft

Highly preferred:
* Bachelor's degree in Cybersecurity, Information Assurance, Information Technology, or a related field.
* CISSP, CISM, CISA, CGRC, or other DoD 8570 IAM Level 2 or higher certifications
* Experience in a K8s DevSecOps environment, preferably with Platform One
* Experience with FIPS (Federal Information Processing Standards)
* Experience with writing/reviewing RMF control policies
* Experience with Executive leadership (PMO office)
* Knowledge of Cloud platforms and migrations
* Previous experience as a Solution Architect
* Engineering background
* Experience in a software factory setting

Clearance Requirements:

• Active Secret with the ability to obtain and maintain a Top Secret security clearance

Work Type:

• Onsite in Honolulu, HI
• May require up to 25% travel to both CONUS and OCONUS locations (Must possess a valid, active US passport with at least six months validity beyond intended period of employment to facilitate international travel and meet security requirements for government contracts.)

Salary Range:

• $130,000 - $175,000
• The determination of compensation is predicated upon a candidate's comprehensive experience, demonstrated skill, and proven abilities

What we will offer you:

• Highly competitive salary
• Fully covered healthcare, dental, and vision coverage
• 401(k) and company match
• Take as you need PTO + 11 paid holidays
• Education & training benefits
• Generous Referral Bonuses
• And More!

Our Vision Statement:

We bridge the gap between humans and data through radical transparency and our obsession withthemission.

Our Customer Obsession:

We will approach every deliverable like it's a product. We will adopt a customer-obsessed mentality. As we grow, and our footprint becomes larger, teams and employees will treat each other not only as teammates but customers. We must live the customer-obsessed mindset, always. This will help us scale and it will translate to the interactions that our Rafters have with their clients and other product teams that they integrate with. Our culture will enable our success and set us apart from other companies.

How do we get there?

Public-sector modernization is critical for us to live in a better world. We, at Raft, want to innovate and solve complex problems. And, if we are successful, our generation and the ones that follow us will live in a delightful, efficient, and accessible world where out-of-box thinking,and collaboration is a norm.

Raft's core philosophy isUbuntu: IAm, BecauseWe are. We support our"nadi"by elevating the other Rafters. We work as a hyper collaborative team where each team member brings a unique perspective, adding value that did not exist before. People make Raft special. We celebrate each other and our cognitive and cultural diversity. We are devoted to our practice of innovation and collaboration.